| Alex Klyubin | f5446eb | 2017-03-23 14:27:32 -0700 | [diff] [blame] | 1 | typeattribute lmkd coredomain; |
| Steven Moreland | 6598175 | 2022-02-10 00:32:44 +0000 | [diff] [blame] | 2 | typeattribute lmkd bpfdomain; |
| Alex Klyubin | f5446eb | 2017-03-23 14:27:32 -0700 | [diff] [blame] | 3 | |
| dcashman | cc39f63 | 2016-07-22 13:13:11 -0700 | [diff] [blame] | 4 | init_daemon_domain(lmkd) |
| Inseob Kim | 55e5c9b | 2020-03-04 17:20:35 +0900 | [diff] [blame] | 5 | |
| 6 | # Set sys.lmk.* properties. |
| 7 | set_prop(lmkd, system_lmk_prop) |
| Suren Baghdasaryan | b221e66 | 2020-05-05 12:41:02 -0700 | [diff] [blame] | 8 | |
| 9 | # Set lmkd.* properties. |
| 10 | set_prop(lmkd, lmkd_prop) |
| 11 | |
| Suren Baghdasaryan | 592e06c | 2021-08-04 12:31:43 -0700 | [diff] [blame] | 12 | # Get persist.device_config.lmk_native.* properties. |
| 13 | get_prop(lmkd, device_config_lmkd_native_prop) |
| 14 | |
| Carlos Galo | ea1bd5d | 2024-03-12 20:04:41 +0000 | [diff] [blame] | 15 | # Needed for reading tracepoint ids in order to attach bpf programs. |
| 16 | allow lmkd debugfs_tracing:file r_file_perms; |
| 17 | allow lmkd self:perf_event { cpu kernel open write }; |
| 18 | |
| Suren Baghdasaryan | ea2941b | 2021-05-27 18:22:41 -0700 | [diff] [blame] | 19 | allow lmkd fs_bpf:file read; |
| Carlos Galo | ea1bd5d | 2024-03-12 20:04:41 +0000 | [diff] [blame] | 20 | allow lmkd bpfloader:bpf { map_read map_write prog_run }; |
| 21 | |
| 22 | # Needed for polling directly from the bpf ring buffer's fd |
| 23 | allow lmkd fs_bpf_lmkd_memevents_rb:file { read write }; |
| 24 | allow lmkd fs_bpf_lmkd_memevents_prog:file read; |
| Suren Baghdasaryan | ea2941b | 2021-05-27 18:22:41 -0700 | [diff] [blame] | 25 | |
| Inseob Kim | 85acf6e | 2021-03-10 10:42:23 +0900 | [diff] [blame] | 26 | neverallow { domain -init -lmkd -vendor_init } lmkd_prop:property_service set; |
| Carlos Galo | ea1bd5d | 2024-03-12 20:04:41 +0000 | [diff] [blame] | 27 | neverallow lmkd self:perf_event ~{ cpu kernel open write }; |